<DIV>Hi Ken,</DIV>
<DIV> </DIV>
<DIV>I wasnt aware that it was blocked as general rule. Unfortunately SSH Sentinel has been discontinued/sold to safenet. I'll try sending a query to safenet but I am not holding by breath. The documentation has no mention of NAT or IP Forwarding on the client itself. </DIV>
<DIV> </DIV>
<DIV>Thanks</DIV>
<DIV> </DIV>
<DIV>NA</DIV>
<DIV><BR><B><I>Ken Bantoft <ken@xelerance.com></I></B> wrote:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid"><BR><BR>Many Windows-based IPsec client block IP forwarding, or at least IP <BR>forwarding over IPsec tunnels. You will need to adjust the policies to <BR>explicitly allow this traffic to be NAT'd, and then allowed over the <BR>tunnel.<BR><BR>Refer to documentation for your product of choice (SSH Sent, SafeNet or <BR>MS's Native stack) for directions on how to do this.<BR><BR>Note: It may not be possible to do this in some products.<BR><BR><BR>On Thu, 27 May 2004, Needy Admin wrote:<BR><BR>> Hi,<BR>> <BR>> I have a travelling salesman that needs to connect to the office and at the <BR>> moment he can do so with XP Pro and SSH Sentinel (using a manually<BR>> assigned virtual IP) and happily access email and other services.<BR>> <BR>> He now also needs to allow a handheld device to connect via the VPN. <BR>> As I understand the setup, he basically wants the
laptop to be a <BR>> router/vpn gateway to allow the laptop and the device(s) behind the box <BR>> to access the servers at the office at the same time. <BR>> <BR>> I've tried with SSH Sentinel but I cannot find any documentation on such<BR>> a configuration. <BR>> <BR>> I've also tried using the native IPSec in XP with the ipsec tool from <BR>> vpn.ebootis.de by Marcus Muller and no luck there either. The laptop can<BR>> connect successfully but it doesnt NAT or route any traffice from the <BR>> internal net<BR>> I'm afraid the OS is not negotiable as he needs to use a Windows app<BR>> together with the handheld. On the other hand a VMWare type solution<BR>> maybe sufficient.<BR>> <BR>> I'd appreciate any help or suggestions on this matter.<BR>> <BR>> Regards,<BR>> <BR>> NA<BR><BR><BR>-- <BR>Ken Bantoft VP Business Development<BR>ken@xelerance.com Xelerance Corporation<BR>sip://toronto.xelerance.com
http://www.xelerance.com<BR><BR>The future is here. It's just not evenly distributed yet. <BR>-- William Gibson<BR><BR></BLOCKQUOTE><p><br><hr size=1>
Find local movie times and trailers on <a href="http://au.rd.yahoo.com/mail/tagline/*http://au.movies.yahoo.com" target=_blank><b>Yahoo! Movies.</b></a><br>